Behind the scenes, the commands sent to mail servers are simple text commands. These commands can be to sent to an email server manually via telnet. This is a quick way to test an email server to determine if it is an open relay. First, determine the MX for the domain in question, run this command on command prompt: nslookup type=mx go4expert.com it should return something like: Code: Non-authoritative answer: go4expert.com MX preference = 10, mail exchanger = ASPMX.L.GOOGLE.com go4expert.com MX preference = 20, mail exchanger = ALT1.ASPMX.L.GOOGLE.com go4expert.com MX preference = 30, mail exchanger = ALT2.ASPMX.L.GOOGLE.com go4expert.com MX preference = 40, mail exchanger = ASPMX2.GOOGLEMAIL.com go4expert.com MX preference = 50, mail exchanger = ASPMX3.GOOGLEMAIL.com go4expert.com nameserver = ns1.go4expert.com go4expert.com nameserver = ns2.go4expert.com ASPMX.L.GOOGLE.com internet address = 188.8.131.52 ASPMX.L.GOOGLE.com internet address = 184.108.40.206 ASPMX2.GOOGLEMAIL.com internet address = 220.127.116.11 ASPMX3.GOOGLEMAIL.com internet address = 18.104.22.168 The first five lines tell you about the mail server (MX = Mail Exchange). In this case, ASPMX.L.GOOGLE.com(22.214.171.124) and ALT1.ASPMX.L.GOOGLE.com(126.96.36.199). So, armed with this knowledge, in command prompt type Code: telnet 188.8.131.52 25 Server should respond with: 220 HELO Server responds with: 250 OK MAIL FROM:email@example.com Server responds with: 250 Address Ok. RCPT TO:firstname.lastname@example.org Server responds with: 250 email@example.com OK DATA Server Responds (or may not): 354 Enter Mail Enter message, then on a new line, . The message should now be sent, if the server does not accept the message its not open relay. By modifying the MAIL FROM and RCPT TO lines, you can test for open relay.